IETF Logo Mail Archive

[rtcweb] Continuing to assert username/password (Re: FW: Adopting draft-muthu-behave-consent-freshness?)

Harald Alvestrand <harald@alvestrand.no> Tue, 17 September 2013 08:34 UTC

Return-Path: <harald@alvestrand.no>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9F92011E83AD for <rtcweb@ietfa.amsl.com>; Tue, 17 Sep 2013 01:34:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.299
X-Spam-Level:
X-Spam-Status: No, score=-110.299 tagged_above=-999 required=5 tests=[AWL=-0.300, BAYES_00=-2.599, J_CHICKENPOX_72=0.6, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 42Ws1-O29Atz for <rtcweb@ietfa.amsl.com>; Tue, 17 Sep 2013 01:34:15 -0700 (PDT)
Received: from eikenes.alvestrand.no (eikenes.alvestrand.no [158.38.152.233]) by ietfa.amsl.com (Postfix) with ESMTP id 2C2F511E83AC for <rtcweb@ietf.org>; Tue, 17 Sep 2013 01:34:15 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by eikenes.alvestrand.no (Postfix) with ESMTP id D27CE39E3E4 for <rtcweb@ietf.org>; Tue, 17 Sep 2013 10:34:12 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at eikenes.alvestrand.no
Received: from eikenes.alvestrand.no ([127.0.0.1]) by localhost (eikenes.alvestrand.no [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 05Fue+p2gsP4 for <rtcweb@ietf.org>; Tue, 17 Sep 2013 10:34:11 +0200 (CEST)
Received: from hta-hippo.lul.corp.google.com (unknown [IPv6:2620:0:1043:1:7646:a0ff:fe90:e2bb]) by eikenes.alvestrand.no (Postfix) with ESMTPSA id 2D59239E246 for <rtcweb@ietf.org>; Tue, 17 Sep 2013 10:34:11 +0200 (CEST)
Message-ID: <52381402.8070400@alvestrand.no>
Date: Tue, 17 Sep 2013 10:34:10 +0200
From: Harald Alvestrand <harald@alvestrand.no>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130804 Thunderbird/17.0.8
MIME-Version: 1.0
To: rtcweb@ietf.org
References: <E92E67B176B8B64D8D3A8F5E44E9D8F41FF743A0@xmb-aln-x05.cisco.com>
In-Reply-To: <E92E67B176B8B64D8D3A8F5E44E9D8F41FF743A0@xmb-aln-x05.cisco.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 8bit
Subject: [rtcweb] Continuing to assert username/password (Re: FW: Adopting draft-muthu-behave-consent-freshness?)
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 17 Sep 2013 08:34:19 -0000

Changing subject line in order to make life easier for those who try to 
review comments on the original subject....

On 09/17/2013 07:10 AM, Ram Mohan R (rmohanr) wrote:
> Hi Please see inline
>
> -----Original Message-----
> From: Jessie <Lijing>, "Huawei)" <lijing80@huawei.com>
> Date: Thursday, 12 September 2013 1:27 PM
> To: "rtcweb@ietf.org" <rtcweb@ietf.org>
> Subject: [rtcweb] FW:  Adopting draft-muthu-behave-consent-freshness?
>
>> Hi all,
>>
>> As a newcomer to RTCWEB, I have some doubts after I have read the draft.
>>
>> 1. in "4.  Solution Overview", may be it would be better to clarify when
>> to send a STUN Binding Request(in the middle of a media session or before
>> sending traffic, during sending traffic or only during silence periods)
>> and which side to send the request(controlling agent or both sides)?
> The introduction section explains when consent is needed. During the
> initial call setup ICE connectivity checks are used. This mechanism
> described in this document is for periodic consent after initial sessions
> is setup.
>
>> 2. in " 7.  Security Considerations", there are the following words. As
>> when one agent receives STUN Binding Request, unlike the processing of
>> indication message, it have to do more processes to send the Response
>> message, I am not sure whether it is appreciate not to authenticate the
>> source and respond directly. Is it more open to malicious attacks?
> I am not clear on what you asking here. The below text just tells that
> there is no need to re-asserting the username/password that was sent
> initially during ICE checks. Are you saying this can lead to attacks ? If
> yes can you explain on what you meant in detail ?

The text below is wrong.

If, as is commonly the case, an attacker has the ability to inject 
packets on the wire with the same IP address as the victim, the attacker 
can forge ICE packets.

If the victim's correspondent checks MESSAGE-INTEGRITY (which implicitly 
checks username and password), he will detect that these packets don't 
have the correct authorization, and throw them away.

If the victim's correspondent does not check MESSAGE-INTEGRITY, the 
attacker can keep renewing any consent to receive as long as he wants, 
even though the victim wanted to stop consenting.

Since the whole purpose of consent-freshness is to allow the potential 
victim to stop consenting to receiving traffic, checking 
MESSAGE-INTEGRITY (which implictily checks username and password) is 
necessary.

This whole paragraph should be deleted from the "Security 
Considerations" section and replaced with text properly describing the 
situation.

>
> Ram
>
>>   "Once that connection to the remote
>>    peer has been established with ICE, the consent to continue sending
>>    traffic does not benefit from re-asserting that same username and
>>    password, so long as the senders and receiver's IP addresses remain
>>    the same (as they usually do)."
>>
>> Neglect my words, if my understandings are wrong.
>>
>> Best regards,
>>
>> Jessie
>>
>> -----Original Message-----
>> From: rtcweb-bounces@ietf.org [mailto:rtcweb-bounces@ietf.org] On Behalf
>> Of Magnus Westerlund
>> Sent: Monday, September 09, 2013 4:37 PM
>> To: rtcweb@ietf.org
>> Subject: [rtcweb] Adopting draft-muthu-behave-consent-freshness?
>>
>> WG,
>>
>> This is a call for WG adoption of STUN Usage for Consent Freshness
>> (draft-muthu-behave-consent-freshness-04). This document defines a STUN
>> usage for consent freshness. As this requires no protocol extensions we
>> as intended users can define this usage in our WG. Such work also
>> matches our charter. The draft-ietf-rtcweb-security-arch-07 is
>> normatively dependent on this STUN usage.
>>
>> Document:
>> https://datatracker.ietf.org/doc/draft-muthu-behave-consent-freshness/
>>
>> WG, please indicate your support or issues with adopting this document
>> as WG item with a proposed milestone:
>>
>> Mar 2014 Send STUN Usage for Consent Freshness to IESG for publication
>> as proposed standard.
>>
>> Cheers
>>
>> Magnus Westerlund
>>
>> ----------------------------------------------------------------------
>> Multimedia Technologies, Ericsson Research EAB/TVM
>> ----------------------------------------------------------------------
>> Ericsson AB                | Phone  +46 10 7148287
>> Färögatan 6                | Mobile +46 73 0949079
>> SE-164 80 Stockholm, Sweden| mailto: magnus.westerlund@ericsson.com
>> ----------------------------------------------------------------------
>>
>> _______________________________________________
>> rtcweb mailing list
>> rtcweb@ietf.org
>> https://www.ietf.org/mailman/listinfo/rtcweb
>> _______________________________________________
>> rtcweb mailing list
>> rtcweb@ietf.org
>> https://www.ietf.org/mailman/listinfo/rtcweb
> _______________________________________________
> rtcweb mailing list
> rtcweb@ietf.org
> https://www.ietf.org/mailman/listinfo/rtcweb

v2.23.0 | Report a Bug | By Email